@descope/nextjs-sdk 0.13.13 → 0.13.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -4
- package/dist/cjs/server/authMiddleware.js.map +1 -1
- package/dist/cjs/server/constants.js +1 -1
- package/dist/cjs/server/sdk.js +9 -3
- package/dist/cjs/server/sdk.js.map +1 -1
- package/dist/cjs/shared/constants.js +1 -1
- package/dist/esm/server/authMiddleware.js.map +1 -1
- package/dist/esm/server/constants.js +1 -1
- package/dist/esm/server/sdk.js +9 -3
- package/dist/esm/server/sdk.js.map +1 -1
- package/dist/esm/shared/constants.js +1 -1
- package/package.json +4 -4
package/README.md
CHANGED
|
@@ -141,7 +141,7 @@ import { authMiddleware } from '@descope/nextjs-sdk/server'
|
|
|
141
141
|
|
|
142
142
|
export default authMiddleware({
|
|
143
143
|
// The Descope project ID to use for authentication
|
|
144
|
-
// Defaults to process.env.
|
|
144
|
+
// Defaults to process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID
|
|
145
145
|
projectId: 'your-descope-project-id',
|
|
146
146
|
|
|
147
147
|
// The URL to redirect to if the user is not authenticated
|
|
@@ -263,7 +263,7 @@ session({
|
|
|
263
263
|
})
|
|
264
264
|
```
|
|
265
265
|
|
|
266
|
-
- **projectId:** The Descope Project ID. If not provided, the function will fall back to `
|
|
266
|
+
- **projectId:** The Descope Project ID. If not provided, the function will fall back to `NEXT_PUBLIC_DESCOPE_PROJECT_ID` from the environment variables.
|
|
267
267
|
- **baseUrl:** The Descope API base URL.
|
|
268
268
|
|
|
269
269
|
This allows developers to use `session()` even if the project ID is not set in the environment.
|
|
@@ -282,7 +282,7 @@ import { createSdk } from '@descope/nextjs-sdk/server';
|
|
|
282
282
|
|
|
283
283
|
const sdk = createSdk({
|
|
284
284
|
// The Descope project ID to use for authentication
|
|
285
|
-
// Defaults to process.env.
|
|
285
|
+
// Defaults to process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID
|
|
286
286
|
projectId: 'your-descope-project-id',
|
|
287
287
|
|
|
288
288
|
// The Descope management key to use for management operations
|
|
@@ -290,7 +290,7 @@ const sdk = createSdk({
|
|
|
290
290
|
managementKey: 'your-descope-management-key'
|
|
291
291
|
|
|
292
292
|
// Optional: Descope API base URL
|
|
293
|
-
// Defaults to process.env.
|
|
293
|
+
// Defaults to process.env.NEXT_PUBLIC_DESCOPE_BASE_URL
|
|
294
294
|
// baseUrl: 'https://...'
|
|
295
295
|
});
|
|
296
296
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authMiddleware.js","sources":["../../../src/server/authMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport descopeSdk from '@descope/node-sdk';\nimport type { AuthenticationInfo } from '@descope/node-sdk';\nimport { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants';\nimport { getGlobalSdk } from './sdk';\nimport { mergeSearchParams } from './utils';\nimport { LogLevel } from '../types';\nimport { logger, setLogger } from './logger';\n\ntype MiddlewareOptions = {\n\t// The Descope project ID to use for authentication\n\t// Defaults to process.env.
|
|
1
|
+
{"version":3,"file":"authMiddleware.js","sources":["../../../src/server/authMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport descopeSdk from '@descope/node-sdk';\nimport type { AuthenticationInfo } from '@descope/node-sdk';\nimport { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants';\nimport { getGlobalSdk } from './sdk';\nimport { mergeSearchParams } from './utils';\nimport { LogLevel } from '../types';\nimport { logger, setLogger } from './logger';\n\ntype MiddlewareOptions = {\n\t// The Descope project ID to use for authentication\n\t// Defaults to process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID\n\tprojectId?: string;\n\n\t// The base URL to use for authentication\n\t// Defaults to process.env.NEXT_PUBLIC_DESCOPE_BASE_URL\n\tbaseUrl?: string;\n\n\t// The URL to redirect to if the user is not authenticated\n\t// Defaults to process.env.SIGN_IN_ROUTE or '/sign-in' if not provided\n\t// NOTE: In case it contains query parameters that exist in the original URL, they will override the original query parameters. e.g. if the original URL is /page?param1=1¶m2=2 and the redirect URL is /sign-in?param1=3, the final redirect URL will be /sign-in?param1=3¶m2=2\n\tredirectUrl?: string;\n\n\t// An array of public routes that do not require authentication\n\t// In addition to the default public routes:\n\t// - process.env.SIGN_IN_ROUTE or /sign-in if not provided\n\t// - process.env.SIGN_UP_ROUTE or /sign-up if not provided\n\tpublicRoutes?: string[];\n\n\t// An array of private routes that require authentication\n\t// If privateRoutes is defined, routes not listed in this array will default to public routes\n\tprivateRoutes?: string[];\n\n\t// The log level to use for the middleware\n\t// Defaults to 'info'\n\tlogLevel?: LogLevel;\n};\n\nconst getSessionJwt = (req: NextRequest): string | undefined => {\n\tlet jwt = req.headers?.get('Authorization')?.split(' ')[1];\n\tif (jwt) {\n\t\treturn jwt;\n\t}\n\n\tjwt = req.cookies?.get(descopeSdk.SessionTokenCookieName)?.value;\n\tif (jwt) {\n\t\treturn jwt;\n\t}\n\treturn undefined;\n};\n\nconst matchWildcardRoute = (route: string, path: string) => {\n\tlet regexPattern = route.replace(/[.+?^${}()|[\\]\\\\]/g, '\\\\$&');\n\n\t// Convert wildcard (*) to match path segments only\n\tregexPattern = regexPattern.replace(/\\*/g, '[^/]*');\n\tconst regex = new RegExp(`^${regexPattern}$`);\n\n\treturn regex.test(path);\n};\n\nconst isPublicRoute = (req: NextRequest, options: MiddlewareOptions) => {\n\t// Ensure publicRoutes and privateRoutes are arrays, defaulting to empty arrays if not defined\n\tconst { publicRoutes = [], privateRoutes = [] } = options;\n\tconst { pathname } = req.nextUrl;\n\n\tconst isDefaultPublicRoute = Object.values(DEFAULT_PUBLIC_ROUTES).includes(\n\t\tpathname\n\t);\n\n\tif (publicRoutes.length > 0) {\n\t\tif (privateRoutes.length > 0) {\n\t\t\tlogger.warn(\n\t\t\t\t'Both publicRoutes and privateRoutes are defined. Ignoring privateRoutes.'\n\t\t\t);\n\t\t}\n\t\treturn (\n\t\t\tisDefaultPublicRoute ||\n\t\t\tpublicRoutes.some((route) => matchWildcardRoute(route, pathname))\n\t\t);\n\t}\n\n\tif (privateRoutes.length > 0) {\n\t\treturn (\n\t\t\tisDefaultPublicRoute ||\n\t\t\t!privateRoutes.some((route) => matchWildcardRoute(route, pathname))\n\t\t);\n\t}\n\n\t// If no routes are provided, all routes are private\n\treturn isDefaultPublicRoute;\n};\n\nconst addSessionToHeadersIfExists = (\n\theaders: Headers,\n\tsession: AuthenticationInfo | undefined\n): Headers => {\n\tif (session) {\n\t\tconst requestHeaders = new Headers(headers);\n\t\trequestHeaders.set(\n\t\t\tDESCOPE_SESSION_HEADER,\n\t\t\tBuffer.from(JSON.stringify(session)).toString('base64')\n\t\t);\n\t\treturn requestHeaders;\n\t}\n\treturn headers;\n};\n\n// returns a Middleware that checks if the user is authenticated\n// if the user is not authenticated, it redirects to the redirectUrl\n// if the user is authenticated, it adds the session to the headers\nconst createAuthMiddleware =\n\t(options: MiddlewareOptions = {}) =>\n\tasync (req: NextRequest) => {\n\t\tsetLogger(options.logLevel);\n\t\tlogger.debug('Auth middleware starts');\n\n\t\tconst jwt = getSessionJwt(req);\n\n\t\t// check if the user is authenticated\n\t\tlet session: AuthenticationInfo | undefined;\n\t\ttry {\n\t\t\tsession = await getGlobalSdk({\n\t\t\t\tprojectId: options.projectId,\n\t\t\t\tbaseUrl: options.baseUrl\n\t\t\t}).validateJwt(jwt);\n\t\t} catch (err) {\n\t\t\tlogger.debug('Auth middleware, Failed to validate JWT', err);\n\t\t\tif (!isPublicRoute(req, options)) {\n\t\t\t\tconst redirectUrl = options.redirectUrl || DEFAULT_PUBLIC_ROUTES.signIn;\n\t\t\t\tconst url = req.nextUrl.clone();\n\t\t\t\t// Create a URL object for redirectUrl. 'http://example.com' is just a placeholder.\n\t\t\t\tconst parsedRedirectUrl = new URL(redirectUrl, 'http://example.com');\n\t\t\t\turl.pathname = parsedRedirectUrl.pathname;\n\n\t\t\t\tconst searchParams = mergeSearchParams(\n\t\t\t\t\turl.search,\n\t\t\t\t\tparsedRedirectUrl.search\n\t\t\t\t);\n\t\t\t\tif (searchParams) {\n\t\t\t\t\turl.search = searchParams;\n\t\t\t\t}\n\t\t\t\tlogger.debug(`Auth middleware, Redirecting to ${redirectUrl}`);\n\t\t\t\treturn NextResponse.redirect(url);\n\t\t\t}\n\t\t}\n\n\t\tlogger.debug('Auth middleware finishes');\n\t\t// add the session to the request, if it exists\n\t\tconst headers = addSessionToHeadersIfExists(req.headers, session);\n\t\treturn NextResponse.next({\n\t\t\trequest: {\n\t\t\t\theaders\n\t\t\t}\n\t\t});\n\t};\n\nexport default createAuthMiddleware;\n"],"names":["DEFAULT_PUBLIC_ROUTES","logger","DESCOPE_SESSION_HEADER","setLogger","getGlobalSdk","mergeSearchParams","NextResponse"],"mappings":";;;;;;;;;AAsCA,MAAM,aAAa,GAAG,CAAC,GAAgB,KAAwB;AAC9D,IAAA,IAAI,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,IAAI,GAAG,EAAE;AACR,QAAA,OAAO,GAAG,CAAC;KACX;AAED,IAAA,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,EAAE,KAAK,CAAC;IACjE,IAAI,GAAG,EAAE;AACR,QAAA,OAAO,GAAG,CAAC;KACX;AACD,IAAA,OAAO,SAAS,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,KAAa,EAAE,IAAY,KAAI;IAC1D,IAAI,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;;IAG/D,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,CAAI,CAAA,EAAA,YAAY,CAAG,CAAA,CAAA,CAAC,CAAC;AAE9C,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,GAAgB,EAAE,OAA0B,KAAI;;IAEtE,MAAM,EAAE,YAAY,GAAG,EAAE,EAAE,aAAa,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC;AAC1D,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;AAEjC,IAAA,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAACA,+BAAqB,CAAC,CAAC,QAAQ,CACzE,QAAQ,CACR,CAAC;AAEF,IAAA,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE;AAC5B,QAAA,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;AAC7B,YAAAC,aAAM,CAAC,IAAI,CACV,0EAA0E,CAC1E,CAAC;SACF;AACD,QAAA,QACC,oBAAoB;AACpB,YAAA,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,EAChE;KACF;AAED,IAAA,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;AAC7B,QAAA,QACC,oBAAoB;AACpB,YAAA,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,EAClE;KACF;;AAGD,IAAA,OAAO,oBAAoB,CAAC;AAC7B,CAAC,CAAC;AAEF,MAAM,2BAA2B,GAAG,CACnC,OAAgB,EAChB,OAAuC,KAC3B;IACZ,IAAI,OAAO,EAAE;AACZ,QAAA,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5C,cAAc,CAAC,GAAG,CACjBC,gCAAsB,EACtB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACvD,CAAC;AACF,QAAA,OAAO,cAAc,CAAC;KACtB;AACD,IAAA,OAAO,OAAO,CAAC;AAChB,CAAC,CAAC;AAEF;AACA;AACA;AACA,MAAM,oBAAoB,GACzB,CAAC,OAAA,GAA6B,EAAE,KAChC,OAAO,GAAgB,KAAI;AAC1B,IAAAC,gBAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC5B,IAAAF,aAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAEvC,IAAA,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;;AAG/B,IAAA,IAAI,OAAuC,CAAC;AAC5C,IAAA,IAAI;QACH,OAAO,GAAG,MAAMG,gBAAY,CAAC;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;AACxB,SAAA,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;KACpB;IAAC,OAAO,GAAG,EAAE;AACb,QAAAH,aAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,GAAG,CAAC,CAAC;QAC7D,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE;YACjC,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAID,+BAAqB,CAAC,MAAM,CAAC;YACxE,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;;YAEhC,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;AACrE,YAAA,GAAG,CAAC,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC;AAE1C,YAAA,MAAM,YAAY,GAAGK,uBAAiB,CACrC,GAAG,CAAC,MAAM,EACV,iBAAiB,CAAC,MAAM,CACxB,CAAC;YACF,IAAI,YAAY,EAAE;AACjB,gBAAA,GAAG,CAAC,MAAM,GAAG,YAAY,CAAC;aAC1B;AACD,YAAAJ,aAAM,CAAC,KAAK,CAAC,mCAAmC,WAAW,CAAA,CAAE,CAAC,CAAC;AAC/D,YAAA,OAAOK,sBAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;SAClC;KACD;AAED,IAAAL,aAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;;IAEzC,MAAM,OAAO,GAAG,2BAA2B,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClE,OAAOK,sBAAY,CAAC,IAAI,CAAC;AACxB,QAAA,OAAO,EAAE;YACR,OAAO;AACP,SAAA;AACD,KAAA,CAAC,CAAC;AACJ;;;;"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
const DESCOPE_SESSION_HEADER = 'x-descope-session';
|
|
4
4
|
const baseHeaders = {
|
|
5
5
|
'x-descope-sdk-name': 'nextjs',
|
|
6
|
-
'x-descope-sdk-version': "0.13.
|
|
6
|
+
'x-descope-sdk-version': "0.13.15"
|
|
7
7
|
};
|
|
8
8
|
const DEFAULT_PUBLIC_ROUTES = {
|
|
9
9
|
signIn: process.env.SIGN_IN_ROUTE || '/sign-in',
|
package/dist/cjs/server/sdk.js
CHANGED
|
@@ -6,9 +6,13 @@ var constants = require('./constants.js');
|
|
|
6
6
|
let globalSdk;
|
|
7
7
|
const createSdk = (config) => descopeSdk({
|
|
8
8
|
...config,
|
|
9
|
-
projectId: config?.projectId ||
|
|
9
|
+
projectId: config?.projectId ||
|
|
10
|
+
process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID ||
|
|
11
|
+
process.env.DESCOPE_PROJECT_ID, // the last one for backward compatibility
|
|
10
12
|
managementKey: config?.managementKey || process.env.DESCOPE_MANAGEMENT_KEY,
|
|
11
|
-
baseUrl: config?.baseUrl ||
|
|
13
|
+
baseUrl: config?.baseUrl ||
|
|
14
|
+
process.env.NEXT_PUBLIC_DESCOPE_BASE_URL ||
|
|
15
|
+
process.env.DESCOPE_BASE_URL, // the last one for backward compatibility
|
|
12
16
|
baseHeaders: {
|
|
13
17
|
...config?.baseHeaders,
|
|
14
18
|
...constants.baseHeaders
|
|
@@ -16,7 +20,9 @@ const createSdk = (config) => descopeSdk({
|
|
|
16
20
|
});
|
|
17
21
|
const getGlobalSdk = (config) => {
|
|
18
22
|
if (!globalSdk) {
|
|
19
|
-
if (!config?.projectId &&
|
|
23
|
+
if (!config?.projectId &&
|
|
24
|
+
!process.env.DESCOPE_PROJECT_ID &&
|
|
25
|
+
!process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID) {
|
|
20
26
|
throw new Error('Descope project ID is required to create the SDK');
|
|
21
27
|
}
|
|
22
28
|
globalSdk = createSdk(config);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdk.js","sources":["../../../src/server/sdk.ts"],"sourcesContent":["import descopeSdk from '@descope/node-sdk';\nimport { baseHeaders } from './constants';\n\ntype Sdk = ReturnType<typeof descopeSdk>;\ntype CreateServerSdkParams = Omit<\n\tParameters<typeof descopeSdk>[0],\n\t'projectId'\n> & {\n\tprojectId?: string | undefined;\n};\n\ntype CreateSdkParams = Pick<CreateServerSdkParams, 'projectId' | 'baseUrl'>;\n\nlet globalSdk: Sdk;\n\nexport const createSdk = (config?: CreateServerSdkParams): Sdk =>\n\tdescopeSdk({\n\t\t...config,\n\t\tprojectId
|
|
1
|
+
{"version":3,"file":"sdk.js","sources":["../../../src/server/sdk.ts"],"sourcesContent":["import descopeSdk from '@descope/node-sdk';\nimport { baseHeaders } from './constants';\n\ntype Sdk = ReturnType<typeof descopeSdk>;\ntype CreateServerSdkParams = Omit<\n\tParameters<typeof descopeSdk>[0],\n\t'projectId'\n> & {\n\tprojectId?: string | undefined;\n};\n\ntype CreateSdkParams = Pick<CreateServerSdkParams, 'projectId' | 'baseUrl'>;\n\nlet globalSdk: Sdk;\n\nexport const createSdk = (config?: CreateServerSdkParams): Sdk =>\n\tdescopeSdk({\n\t\t...config,\n\t\tprojectId:\n\t\t\tconfig?.projectId ||\n\t\t\tprocess.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID ||\n\t\t\tprocess.env.DESCOPE_PROJECT_ID, // the last one for backward compatibility\n\t\tmanagementKey: config?.managementKey || process.env.DESCOPE_MANAGEMENT_KEY,\n\t\tbaseUrl:\n\t\t\tconfig?.baseUrl ||\n\t\t\tprocess.env.NEXT_PUBLIC_DESCOPE_BASE_URL ||\n\t\t\tprocess.env.DESCOPE_BASE_URL, // the last one for backward compatibility\n\t\tbaseHeaders: {\n\t\t\t...config?.baseHeaders,\n\t\t\t...baseHeaders\n\t\t}\n\t});\n\nexport const getGlobalSdk = (config?: CreateSdkParams): Sdk => {\n\tif (!globalSdk) {\n\t\tif (\n\t\t\t!config?.projectId &&\n\t\t\t!process.env.DESCOPE_PROJECT_ID &&\n\t\t\t!process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID\n\t\t) {\n\t\t\tthrow new Error('Descope project ID is required to create the SDK');\n\t\t}\n\t\tglobalSdk = createSdk(config);\n\t}\n\n\treturn globalSdk;\n};\n\nexport type { CreateSdkParams };\n"],"names":["baseHeaders"],"mappings":";;;;;AAaA,IAAI,SAAc,CAAC;AAEN,MAAA,SAAS,GAAG,CAAC,MAA8B,KACvD,UAAU,CAAC;AACV,IAAA,GAAG,MAAM;IACT,SAAS,EACR,MAAM,EAAE,SAAS;QACjB,OAAO,CAAC,GAAG,CAAC,8BAA8B;AAC1C,QAAA,OAAO,CAAC,GAAG,CAAC,kBAAkB;IAC/B,aAAa,EAAE,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,sBAAsB;IAC1E,OAAO,EACN,MAAM,EAAE,OAAO;QACf,OAAO,CAAC,GAAG,CAAC,4BAA4B;AACxC,QAAA,OAAO,CAAC,GAAG,CAAC,gBAAgB;AAC7B,IAAA,WAAW,EAAE;QACZ,GAAG,MAAM,EAAE,WAAW;AACtB,QAAA,GAAGA,qBAAW;AACd,KAAA;AACD,CAAA,EAAE;AAES,MAAA,YAAY,GAAG,CAAC,MAAwB,KAAS;IAC7D,IAAI,CAAC,SAAS,EAAE;QACf,IACC,CAAC,MAAM,EAAE,SAAS;AAClB,YAAA,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB;AAC/B,YAAA,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAC1C;AACD,YAAA,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;SACpE;AACD,QAAA,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;KAC9B;AAED,IAAA,OAAO,SAAS,CAAC;AAClB;;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authMiddleware.js","sources":["../../../src/server/authMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport descopeSdk from '@descope/node-sdk';\nimport type { AuthenticationInfo } from '@descope/node-sdk';\nimport { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants';\nimport { getGlobalSdk } from './sdk';\nimport { mergeSearchParams } from './utils';\nimport { LogLevel } from '../types';\nimport { logger, setLogger } from './logger';\n\ntype MiddlewareOptions = {\n\t// The Descope project ID to use for authentication\n\t// Defaults to process.env.
|
|
1
|
+
{"version":3,"file":"authMiddleware.js","sources":["../../../src/server/authMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport descopeSdk from '@descope/node-sdk';\nimport type { AuthenticationInfo } from '@descope/node-sdk';\nimport { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants';\nimport { getGlobalSdk } from './sdk';\nimport { mergeSearchParams } from './utils';\nimport { LogLevel } from '../types';\nimport { logger, setLogger } from './logger';\n\ntype MiddlewareOptions = {\n\t// The Descope project ID to use for authentication\n\t// Defaults to process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID\n\tprojectId?: string;\n\n\t// The base URL to use for authentication\n\t// Defaults to process.env.NEXT_PUBLIC_DESCOPE_BASE_URL\n\tbaseUrl?: string;\n\n\t// The URL to redirect to if the user is not authenticated\n\t// Defaults to process.env.SIGN_IN_ROUTE or '/sign-in' if not provided\n\t// NOTE: In case it contains query parameters that exist in the original URL, they will override the original query parameters. e.g. if the original URL is /page?param1=1¶m2=2 and the redirect URL is /sign-in?param1=3, the final redirect URL will be /sign-in?param1=3¶m2=2\n\tredirectUrl?: string;\n\n\t// An array of public routes that do not require authentication\n\t// In addition to the default public routes:\n\t// - process.env.SIGN_IN_ROUTE or /sign-in if not provided\n\t// - process.env.SIGN_UP_ROUTE or /sign-up if not provided\n\tpublicRoutes?: string[];\n\n\t// An array of private routes that require authentication\n\t// If privateRoutes is defined, routes not listed in this array will default to public routes\n\tprivateRoutes?: string[];\n\n\t// The log level to use for the middleware\n\t// Defaults to 'info'\n\tlogLevel?: LogLevel;\n};\n\nconst getSessionJwt = (req: NextRequest): string | undefined => {\n\tlet jwt = req.headers?.get('Authorization')?.split(' ')[1];\n\tif (jwt) {\n\t\treturn jwt;\n\t}\n\n\tjwt = req.cookies?.get(descopeSdk.SessionTokenCookieName)?.value;\n\tif (jwt) {\n\t\treturn jwt;\n\t}\n\treturn undefined;\n};\n\nconst matchWildcardRoute = (route: string, path: string) => {\n\tlet regexPattern = route.replace(/[.+?^${}()|[\\]\\\\]/g, '\\\\$&');\n\n\t// Convert wildcard (*) to match path segments only\n\tregexPattern = regexPattern.replace(/\\*/g, '[^/]*');\n\tconst regex = new RegExp(`^${regexPattern}$`);\n\n\treturn regex.test(path);\n};\n\nconst isPublicRoute = (req: NextRequest, options: MiddlewareOptions) => {\n\t// Ensure publicRoutes and privateRoutes are arrays, defaulting to empty arrays if not defined\n\tconst { publicRoutes = [], privateRoutes = [] } = options;\n\tconst { pathname } = req.nextUrl;\n\n\tconst isDefaultPublicRoute = Object.values(DEFAULT_PUBLIC_ROUTES).includes(\n\t\tpathname\n\t);\n\n\tif (publicRoutes.length > 0) {\n\t\tif (privateRoutes.length > 0) {\n\t\t\tlogger.warn(\n\t\t\t\t'Both publicRoutes and privateRoutes are defined. Ignoring privateRoutes.'\n\t\t\t);\n\t\t}\n\t\treturn (\n\t\t\tisDefaultPublicRoute ||\n\t\t\tpublicRoutes.some((route) => matchWildcardRoute(route, pathname))\n\t\t);\n\t}\n\n\tif (privateRoutes.length > 0) {\n\t\treturn (\n\t\t\tisDefaultPublicRoute ||\n\t\t\t!privateRoutes.some((route) => matchWildcardRoute(route, pathname))\n\t\t);\n\t}\n\n\t// If no routes are provided, all routes are private\n\treturn isDefaultPublicRoute;\n};\n\nconst addSessionToHeadersIfExists = (\n\theaders: Headers,\n\tsession: AuthenticationInfo | undefined\n): Headers => {\n\tif (session) {\n\t\tconst requestHeaders = new Headers(headers);\n\t\trequestHeaders.set(\n\t\t\tDESCOPE_SESSION_HEADER,\n\t\t\tBuffer.from(JSON.stringify(session)).toString('base64')\n\t\t);\n\t\treturn requestHeaders;\n\t}\n\treturn headers;\n};\n\n// returns a Middleware that checks if the user is authenticated\n// if the user is not authenticated, it redirects to the redirectUrl\n// if the user is authenticated, it adds the session to the headers\nconst createAuthMiddleware =\n\t(options: MiddlewareOptions = {}) =>\n\tasync (req: NextRequest) => {\n\t\tsetLogger(options.logLevel);\n\t\tlogger.debug('Auth middleware starts');\n\n\t\tconst jwt = getSessionJwt(req);\n\n\t\t// check if the user is authenticated\n\t\tlet session: AuthenticationInfo | undefined;\n\t\ttry {\n\t\t\tsession = await getGlobalSdk({\n\t\t\t\tprojectId: options.projectId,\n\t\t\t\tbaseUrl: options.baseUrl\n\t\t\t}).validateJwt(jwt);\n\t\t} catch (err) {\n\t\t\tlogger.debug('Auth middleware, Failed to validate JWT', err);\n\t\t\tif (!isPublicRoute(req, options)) {\n\t\t\t\tconst redirectUrl = options.redirectUrl || DEFAULT_PUBLIC_ROUTES.signIn;\n\t\t\t\tconst url = req.nextUrl.clone();\n\t\t\t\t// Create a URL object for redirectUrl. 'http://example.com' is just a placeholder.\n\t\t\t\tconst parsedRedirectUrl = new URL(redirectUrl, 'http://example.com');\n\t\t\t\turl.pathname = parsedRedirectUrl.pathname;\n\n\t\t\t\tconst searchParams = mergeSearchParams(\n\t\t\t\t\turl.search,\n\t\t\t\t\tparsedRedirectUrl.search\n\t\t\t\t);\n\t\t\t\tif (searchParams) {\n\t\t\t\t\turl.search = searchParams;\n\t\t\t\t}\n\t\t\t\tlogger.debug(`Auth middleware, Redirecting to ${redirectUrl}`);\n\t\t\t\treturn NextResponse.redirect(url);\n\t\t\t}\n\t\t}\n\n\t\tlogger.debug('Auth middleware finishes');\n\t\t// add the session to the request, if it exists\n\t\tconst headers = addSessionToHeadersIfExists(req.headers, session);\n\t\treturn NextResponse.next({\n\t\t\trequest: {\n\t\t\t\theaders\n\t\t\t}\n\t\t});\n\t};\n\nexport default createAuthMiddleware;\n"],"names":[],"mappings":";;;;;;;AAsCA,MAAM,aAAa,GAAG,CAAC,GAAgB,KAAwB;AAC9D,IAAA,IAAI,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,IAAI,GAAG,EAAE;AACR,QAAA,OAAO,GAAG,CAAC;KACX;AAED,IAAA,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,EAAE,KAAK,CAAC;IACjE,IAAI,GAAG,EAAE;AACR,QAAA,OAAO,GAAG,CAAC;KACX;AACD,IAAA,OAAO,SAAS,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,KAAa,EAAE,IAAY,KAAI;IAC1D,IAAI,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;;IAG/D,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,CAAI,CAAA,EAAA,YAAY,CAAG,CAAA,CAAA,CAAC,CAAC;AAE9C,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,GAAgB,EAAE,OAA0B,KAAI;;IAEtE,MAAM,EAAE,YAAY,GAAG,EAAE,EAAE,aAAa,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC;AAC1D,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;AAEjC,IAAA,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,QAAQ,CACzE,QAAQ,CACR,CAAC;AAEF,IAAA,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE;AAC5B,QAAA,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;AAC7B,YAAA,MAAM,CAAC,IAAI,CACV,0EAA0E,CAC1E,CAAC;SACF;AACD,QAAA,QACC,oBAAoB;AACpB,YAAA,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,EAChE;KACF;AAED,IAAA,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;AAC7B,QAAA,QACC,oBAAoB;AACpB,YAAA,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,EAClE;KACF;;AAGD,IAAA,OAAO,oBAAoB,CAAC;AAC7B,CAAC,CAAC;AAEF,MAAM,2BAA2B,GAAG,CACnC,OAAgB,EAChB,OAAuC,KAC3B;IACZ,IAAI,OAAO,EAAE;AACZ,QAAA,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5C,cAAc,CAAC,GAAG,CACjB,sBAAsB,EACtB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACvD,CAAC;AACF,QAAA,OAAO,cAAc,CAAC;KACtB;AACD,IAAA,OAAO,OAAO,CAAC;AAChB,CAAC,CAAC;AAEF;AACA;AACA;AACA,MAAM,oBAAoB,GACzB,CAAC,OAAA,GAA6B,EAAE,KAChC,OAAO,GAAgB,KAAI;AAC1B,IAAA,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC5B,IAAA,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAEvC,IAAA,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;;AAG/B,IAAA,IAAI,OAAuC,CAAC;AAC5C,IAAA,IAAI;QACH,OAAO,GAAG,MAAM,YAAY,CAAC;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;AACxB,SAAA,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;KACpB;IAAC,OAAO,GAAG,EAAE;AACb,QAAA,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,GAAG,CAAC,CAAC;QAC7D,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE;YACjC,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,qBAAqB,CAAC,MAAM,CAAC;YACxE,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;;YAEhC,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;AACrE,YAAA,GAAG,CAAC,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC;AAE1C,YAAA,MAAM,YAAY,GAAG,iBAAiB,CACrC,GAAG,CAAC,MAAM,EACV,iBAAiB,CAAC,MAAM,CACxB,CAAC;YACF,IAAI,YAAY,EAAE;AACjB,gBAAA,GAAG,CAAC,MAAM,GAAG,YAAY,CAAC;aAC1B;AACD,YAAA,MAAM,CAAC,KAAK,CAAC,mCAAmC,WAAW,CAAA,CAAE,CAAC,CAAC;AAC/D,YAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;SAClC;KACD;AAED,IAAA,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;;IAEzC,MAAM,OAAO,GAAG,2BAA2B,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClE,OAAO,YAAY,CAAC,IAAI,CAAC;AACxB,QAAA,OAAO,EAAE;YACR,OAAO;AACP,SAAA;AACD,KAAA,CAAC,CAAC;AACJ;;;;"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
const DESCOPE_SESSION_HEADER = 'x-descope-session';
|
|
2
2
|
const baseHeaders = {
|
|
3
3
|
'x-descope-sdk-name': 'nextjs',
|
|
4
|
-
'x-descope-sdk-version': "0.13.
|
|
4
|
+
'x-descope-sdk-version': "0.13.15"
|
|
5
5
|
};
|
|
6
6
|
const DEFAULT_PUBLIC_ROUTES = {
|
|
7
7
|
signIn: process.env.SIGN_IN_ROUTE || '/sign-in',
|
package/dist/esm/server/sdk.js
CHANGED
|
@@ -4,9 +4,13 @@ import { baseHeaders } from './constants.js';
|
|
|
4
4
|
let globalSdk;
|
|
5
5
|
const createSdk = (config) => descopeSdk({
|
|
6
6
|
...config,
|
|
7
|
-
projectId: config?.projectId ||
|
|
7
|
+
projectId: config?.projectId ||
|
|
8
|
+
process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID ||
|
|
9
|
+
process.env.DESCOPE_PROJECT_ID, // the last one for backward compatibility
|
|
8
10
|
managementKey: config?.managementKey || process.env.DESCOPE_MANAGEMENT_KEY,
|
|
9
|
-
baseUrl: config?.baseUrl ||
|
|
11
|
+
baseUrl: config?.baseUrl ||
|
|
12
|
+
process.env.NEXT_PUBLIC_DESCOPE_BASE_URL ||
|
|
13
|
+
process.env.DESCOPE_BASE_URL, // the last one for backward compatibility
|
|
10
14
|
baseHeaders: {
|
|
11
15
|
...config?.baseHeaders,
|
|
12
16
|
...baseHeaders
|
|
@@ -14,7 +18,9 @@ const createSdk = (config) => descopeSdk({
|
|
|
14
18
|
});
|
|
15
19
|
const getGlobalSdk = (config) => {
|
|
16
20
|
if (!globalSdk) {
|
|
17
|
-
if (!config?.projectId &&
|
|
21
|
+
if (!config?.projectId &&
|
|
22
|
+
!process.env.DESCOPE_PROJECT_ID &&
|
|
23
|
+
!process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID) {
|
|
18
24
|
throw new Error('Descope project ID is required to create the SDK');
|
|
19
25
|
}
|
|
20
26
|
globalSdk = createSdk(config);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdk.js","sources":["../../../src/server/sdk.ts"],"sourcesContent":["import descopeSdk from '@descope/node-sdk';\nimport { baseHeaders } from './constants';\n\ntype Sdk = ReturnType<typeof descopeSdk>;\ntype CreateServerSdkParams = Omit<\n\tParameters<typeof descopeSdk>[0],\n\t'projectId'\n> & {\n\tprojectId?: string | undefined;\n};\n\ntype CreateSdkParams = Pick<CreateServerSdkParams, 'projectId' | 'baseUrl'>;\n\nlet globalSdk: Sdk;\n\nexport const createSdk = (config?: CreateServerSdkParams): Sdk =>\n\tdescopeSdk({\n\t\t...config,\n\t\tprojectId
|
|
1
|
+
{"version":3,"file":"sdk.js","sources":["../../../src/server/sdk.ts"],"sourcesContent":["import descopeSdk from '@descope/node-sdk';\nimport { baseHeaders } from './constants';\n\ntype Sdk = ReturnType<typeof descopeSdk>;\ntype CreateServerSdkParams = Omit<\n\tParameters<typeof descopeSdk>[0],\n\t'projectId'\n> & {\n\tprojectId?: string | undefined;\n};\n\ntype CreateSdkParams = Pick<CreateServerSdkParams, 'projectId' | 'baseUrl'>;\n\nlet globalSdk: Sdk;\n\nexport const createSdk = (config?: CreateServerSdkParams): Sdk =>\n\tdescopeSdk({\n\t\t...config,\n\t\tprojectId:\n\t\t\tconfig?.projectId ||\n\t\t\tprocess.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID ||\n\t\t\tprocess.env.DESCOPE_PROJECT_ID, // the last one for backward compatibility\n\t\tmanagementKey: config?.managementKey || process.env.DESCOPE_MANAGEMENT_KEY,\n\t\tbaseUrl:\n\t\t\tconfig?.baseUrl ||\n\t\t\tprocess.env.NEXT_PUBLIC_DESCOPE_BASE_URL ||\n\t\t\tprocess.env.DESCOPE_BASE_URL, // the last one for backward compatibility\n\t\tbaseHeaders: {\n\t\t\t...config?.baseHeaders,\n\t\t\t...baseHeaders\n\t\t}\n\t});\n\nexport const getGlobalSdk = (config?: CreateSdkParams): Sdk => {\n\tif (!globalSdk) {\n\t\tif (\n\t\t\t!config?.projectId &&\n\t\t\t!process.env.DESCOPE_PROJECT_ID &&\n\t\t\t!process.env.NEXT_PUBLIC_DESCOPE_PROJECT_ID\n\t\t) {\n\t\t\tthrow new Error('Descope project ID is required to create the SDK');\n\t\t}\n\t\tglobalSdk = createSdk(config);\n\t}\n\n\treturn globalSdk;\n};\n\nexport type { CreateSdkParams };\n"],"names":[],"mappings":";;;AAaA,IAAI,SAAc,CAAC;AAEN,MAAA,SAAS,GAAG,CAAC,MAA8B,KACvD,UAAU,CAAC;AACV,IAAA,GAAG,MAAM;IACT,SAAS,EACR,MAAM,EAAE,SAAS;QACjB,OAAO,CAAC,GAAG,CAAC,8BAA8B;AAC1C,QAAA,OAAO,CAAC,GAAG,CAAC,kBAAkB;IAC/B,aAAa,EAAE,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,sBAAsB;IAC1E,OAAO,EACN,MAAM,EAAE,OAAO;QACf,OAAO,CAAC,GAAG,CAAC,4BAA4B;AACxC,QAAA,OAAO,CAAC,GAAG,CAAC,gBAAgB;AAC7B,IAAA,WAAW,EAAE;QACZ,GAAG,MAAM,EAAE,WAAW;AACtB,QAAA,GAAG,WAAW;AACd,KAAA;AACD,CAAA,EAAE;AAES,MAAA,YAAY,GAAG,CAAC,MAAwB,KAAS;IAC7D,IAAI,CAAC,SAAS,EAAE;QACf,IACC,CAAC,MAAM,EAAE,SAAS;AAClB,YAAA,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB;AAC/B,YAAA,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAC1C;AACD,YAAA,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;SACpE;AACD,QAAA,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;KAC9B;AAED,IAAA,OAAO,SAAS,CAAC;AAClB;;;;"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@descope/nextjs-sdk",
|
|
3
|
-
"version": "0.13.
|
|
3
|
+
"version": "0.13.15",
|
|
4
4
|
"description": "Descope NextJS SDK",
|
|
5
5
|
"author": "Descope Team <info@descope.com>",
|
|
6
6
|
"homepage": "https://github.com/descope/descope-js",
|
|
@@ -64,9 +64,9 @@
|
|
|
64
64
|
},
|
|
65
65
|
"dependencies": {
|
|
66
66
|
"@descope/node-sdk": "1.6.13",
|
|
67
|
-
"@descope/react-sdk": "2.14.
|
|
68
|
-
"@descope/
|
|
69
|
-
"@descope/
|
|
67
|
+
"@descope/react-sdk": "2.14.20",
|
|
68
|
+
"@descope/web-component": "3.43.14",
|
|
69
|
+
"@descope/core-js-sdk": "2.44.1"
|
|
70
70
|
},
|
|
71
71
|
"devDependencies": {
|
|
72
72
|
"@babel/core": "7.26.0",
|